Linux 5.5 KVM Adds POWER Support For Secure Guests/VMs

Written by Michael Larabel in Virtualization on 7 December 2019 at 05:25 AM EST. Add A Comment
VIRTUALIZATION
IBM's work from over a year ago in working towards secure virtual machines on POWER hardware is finally coming to fruition with Linux 5.5 due out early next year.

After those original Secure Virtual Machine POWER9 patches were posted last year, the ultravisor / secure bits landed in Linux 5.4 in preparing the foundation. As explained in that earlier article, "The Ultravisor / SVM support is part of IBM's approach for protected computing that is akin to the approaches of Intel SGX and AMD Secure Encrypted Virtualization (SEV). IBM's Ultravisor code runs with higher privileges than the virtualization hypervisor and in turn the virtual machines rely upon IBM Protected Execution for verifying the behavior of the hypervisor/ultravisor."
A pseries guest can be run as secure guest on Ultravisor-enabled POWER platforms. On such platforms, this driver will be used to manage the movement of guest pages between the normal memory managed by hypervisor (HV) and secure memory managed by Ultravisor (UV).

With that POWER architecture code in place, a follow-up KVM (Kernel-based Virtual Machine) pull request has added the PowerPC secure guest support.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week